OSCP - Week 5

Home Blog

This week has been a very slow one, but I managed to get some studying done. I didn’t do anywhere close to 40 hours as I hoped to. I am happy to say that I have 4 machines left in the Lab environment.

I successfully rooted Punchout, Jeff, Niky (IT department) and the 3rd of the Big four’s called Sufferance!

These 4 remaining machines in the Lab department has some kind of dependencies so I’m going to try and figure this out. Hopefully by the end of next week, I’ll be finished with the Lab environment and jump onto the IT network and Development network.

Thoughts so far on course:

I’m having a really good time doing these labs. And quiet frankly, I think I will miss it when I finish at the end of the year

There are some machines that have outdated web applications and password guessing in which I think its a waste of time. Browsing redundant web applications and trying to get different components to appear is really a time waster and most importantly, not applicable to real world environments.

Some of these machines are connected within multiple Domains which makes it real world. Master and Slave are both primary and secondary DNS servers both have Active Directory components. Mail which is their mail server which we can see people sending interesting emails to one another, including the CEO of the company. There is also Endian firewalls that I have discovered and a couple of Machines which is using NAT.

Client side attacks are really interesting as well which simulates real world scenarios. For example, one of the boxes above, a user within the company checks forums posts every “X’ minutes.